The Feds can now search (or simply seize) any electronic equipment you are carrying when and if you are arrested.
WASHINGTON — Ever wonder how much leeway federal agents have when snooping through your e-mail or computer files?
The short answer: a lot.
The U.S. Department of Justice this week published new guidelines for police and prosecutors in cases involving computer crimes.
The 500 KB document includes a bevy of recent court cases and covers new topics such as encryption, PDAs and secret searches.
It updates a 1994 manual, which the Electronic Privacy Information Center had to file a Freedom of Information Act request to obtain. No need to take such drastic steps this time: The Justice Department has placed the report on its cybercrime.gov site.
Pagers vs. PDAs: Anyone who’s arrested will likely be patted down for guns, contraband and electronic devices.
So be sure to yank the batteries if you’re about to be nabbed. During an arrest, cops can scroll through the information on your pager without a warrant.
What about PDAs? The latest word, oddly enough, might be a 1973 Supreme Court case, United States v. Robinson, that permitted police officers to conduct searches of an arrestee’s possessions. Lower courts have extended this rule to include pagers.
But PDAs more closely resemble computers in processing speed and storage capacity.
Concludes the DOJ: “Courts have not yet addressed whether Robinson will permit warrantless searches of electronic storage devices that contain more information than pagers. If agents can examine the contents of wallets, address books and briefcases without a warrant, it could be argued that they should be able to search their electronic counterparts (such as electronic organizers, floppy disks and Palm Pilots) as well.”
Not everyone agrees that an arrest can lead to a full search. “The search incident to arrest is less settled,” says Jennifer Granick, a San Francisco attorney specializing in computer crime law.
Just say no: Speaking of portable electronics, here’s some free advice: Don’t let ’em search your car.
Once you do, the cops will legally have permission to search the memory or storage of whatever electronics you’ve got stashed away.
One federal court in the Southern District of New York, for instance, said that if the driver consents to a search, police can then look through the memory of the cell phone they found in the car.
Workplace searches: If you work for a corporation or nonprofit group, your boss can let the cops rummage through all your stuff without a warrant.
The law treats it as a “private search,” and the Fourth Amendment’s prohibition on unreasonable searches doesn’t apply. Government employees may have more protections.
If you work in a common area, rather than a separate office, be nice to your co-workers. They can consent to a search.
Seizing computers: Believe it or not, the feds aren’t usually supposed to haul away your computer gear and impound it for the next half-decade. Instead, they’re supposed to scroll through the hard drives and either print out or copy files.
But if your computer is an “instrumentality” of a crime — if they claim it’s being used to trade kiddie porn, for instance — don’t expect to see it anytime soon.
“Off-site searches also may be necessary if agents have reason to believe that the computer has been ‘booby trapped’ by a savvy criminal,” says the Justice Department.
“Technically adept users may know how to trip-wire their computers with self-destruct programs that could erase vital evidence if the system were examined by anyone other than an expert. In these cases, it is best to seize the equipment and permit an off-site expert to disarm the program before any search occurs.”
“No knock” searches: Conservative activists may hate this, but “no knock” searches, where kevlar-clad goons toting M-16s break through your front door without warning, aren’t going away. If anything, the Justice Department seems to think they’re even more necessary when dealing with computer crimes.
“Technically adept computer hackers have been known to use ‘hot keys,’ computer programs that destroy evidence when a special button is pressed. If agents knock at the door to announce their search, the suspect can simply press the button and activate the program to destroy the evidence,” the manual says.
It doesn’t end there: The Justice Department cites a 1997 case, Richards v. Wisconsin, in which the Supreme Court said agents can conduct a no knock search even if the judge granting the warrant didn’t approve one. That’s allowed when agents have a “reasonable suspicion” that the subject of the search could destroy evidence or obstruct the investigation.
Secret searches: Call it the latest trend in law enforcement: Surreptitious breaking-and-entering of homes and offices.
In one recent secret-search case related to computers, the feds sneaked into the office of Nicodemo S. Scarfo, the son of Philadelphia’s former mob boss, who allegedly ran a loan shark operation in north New Jersey. Once there, they secretly installed software to sniff Scarfo’s PGP passphrase so they could decrypt his communications.
Civil libertarians argue secret searches are unconstitutional.
“Sneak-and-peek searches may prove useful in searches for intangible computer data. For example, agents executing a sneak-and-peek warrant to search a computer may be able to enter a business after hours, search the computer, and then exit the business without leaving any sign that the search occurred,” the Justice Department says.
The DOJ argues that secret searches are permissible, despite rule 41(d) of the Federal Rules of Criminal Procedure, which requires agents to notify the person whose home or office has been broken into. But the document admits that courts have “struggled” to reconcile this idea with the U.S. Constitution’s privacy guarantees.
To clear up any doubt, in mid-1999 the Justice Department proposed legislation that would let police obtain surreptitious warrants and “postpone” notifying the person whose property they entered for 30 days.
After vocal objections from civil liberties groups, the administration backed away from the controversial bill. In the final draft of the Cyberspace Electronic Security Act submitted to Congress, the secret-search portions had disappeared.
Border searches: If you agree to let customs agents search your computer, be prepared to deal with the consequences.
Take the case of William Roberts, who the feds suspected of possessing child pornography and who was boarding a flight to Paris. “After the agents searched Roberts’ property and found a laptop computer and six zip diskettes, Roberts agreed to sign a consent form permitting the agents to search his property. A subsequent search revealed several thousand images of child pornography,” the Justice Department says.
Encryption: The manual doesn’t address whether a criminal defendant can be compelled to give up his passphrase to allow prosecutors to decrypt his files.
But it does give one good reason to use useful software like PGPdisk (available for free at pgpi.com) that can create an encrypted hard drive partition that requires a passphrase to access.
Under current law, anyone with access to the computer you use — including your spouse — can allow the feds to search it without a warrant. (Unless your files are stored on a remote computer on a network, in which case it gets more complicated.)
But if your files are encrypted, you might be better off. “It appears likely that encryption and password-protection would in most cases indicate the absence of common authority to consent to a search among co-users who do not know the password or possess the encryption key,” the Justice Department says.
Author: Declan McCullagh
News Service: Wired News